Individuals who wish to work in technological or cyber security fields can obtain a variety of certifications that demonstrate their competence to deliver IT solutions in specific realms of the computing world. Businesses who hire staff for internal IT departments would be well advised to keep such certifications high on the priority lists when conducting candidate searches. However, what is a business to do when it is in the position of hiring an entire company because it wishes to contract for managed services?
Companies can use several different strategies to vet potential service providers. A suggested techniques would be to make use of the Federal Risk and Authorization Management Program (FedRAMP) system launched by the Obama Administration just months ago. FedRAMP establishes a unified approach for measuring the security present in a cloud services provider.
“What it does is provide government agencies and organizations with an easier way of acquiring public and private cloud computing authorizations, which means they can start using cloud a lot easier than they could have through the older FISMA process,” explained Dan Philpott, a participant in the Cloud Security Alliance. Philpott works as a security specialist for federal information.
FedRAMP can help organizations see whether a particular cloud services provider has already been authorized to work with a federal agency. This will help to streamline the analysis that businesses already do when comparing the merits of various managed services providers. The end result is a faster selection process, which can translate into cost savings.